HighCheck or Attack Name: ftppwless
The File Transfer Protocol (FTP) daemon ftpd allowed a login using a nonsensical username and password. An FTP daemon that does not require a username and password may allow attackers access to unauthorized areas of the computer.
Update your FTP server.
The latest version of wu-ftp is available from ftp://ftp.academ.com/pub/wu-ftpd/ or at http://ftp.academ.com/academ/wu-ftpd/release.html.
Windows: Microsoft FTP is available from the Internet Information Server (IIS for Windows NT Server) or Personal Web Services (PWS for Windows NT Workstation or Windows 95/98). Updates are available at http://support.microsoft.com/Support/iis/iisfixes.asp.
Academ Consulting Services, WU-FTP Server Software Release Information, http://ftp.academ.com/academ/wu-ftpd/release.html
Microsoft Personal Support Center, IIS and Related Products' Fixes & Updates, http://support.microsoft.com/Support/iis/iisfixes.asp
